Initial support for hashing during definition importmk-definition-import-checksumming

author: Michael Klishin <michael@clojurewerkz.org> 2022-01-19 11:47:46 +0300
committer: Michael Klishin <michael@clojurewerkz.org> 2022-01-19 11:48:33 +0300
commit: e35a30438756cdb6773e9248bebe97ebee93c86e (patch)
tree: 5900115a1fa591abd08ac928b4de5bf063aa9af6
parent: be6db116de18da40e94168818b4dcb2db5fff969 (diff)
download: rabbitmq-server-git-mk-definition-import-checksumming.tar.gz
4 files changed, 85 insertions, 20 deletions
diff --git a/deps/rabbit/priv/schema/rabbit.schema b/deps/rabbit/priv/schema/rabbit.schema
index f9d316fb7c..9cbab2d37c 100644
--- a/deps/rabbit/priv/schema/rabbit.schema
+++ b/deps/rabbit/priv/schema/rabbit.schema
@@ -154,10 +154,10 @@ fun(Conf) ->
     end
 end}.
 
-{mapping, "definitions.checksum.use_checksum", "rabbit.definitions.use_checksum", [
+{mapping, "definitions.hashing.use_hashing", "rabbit.definitions.use_hashing", [
     {datatype, {enum, [true, false]}}]}.
 
-{mapping, "definitions.checksum.checksum_algorithm", "rabbit.definitions.checksum_algorithm", [
+{mapping, "definitions.hashing.algorithm", "rabbit.definitions.hashing_algorithm", [
     {datatype, {enum, [sha, sha224, sha256, sha384, sha512]}}]}.
 
 %% Load definitions from a remote URL over HTTPS. See
diff --git a/deps/rabbit/src/rabbit_definitions.erl b/deps/rabbit/src/rabbit_definitions.erl
index 2cbb6db22d..573c472b0e 100644
--- a/deps/rabbit/src/rabbit_definitions.erl
+++ b/deps/rabbit/src/rabbit_definitions.erl
@@ -20,7 +20,7 @@
 %% import
 -export([import_raw/1, import_raw/2, import_parsed/1, import_parsed/2,
          apply_defs/2, apply_defs/3, apply_defs/4, apply_defs/5,
-         should_use_checksum/0, checksum_algorithm/0]).
+         should_use_hashing/0]).
 
 -export([all_definitions/0]).
 -export([
@@ -185,7 +185,14 @@ maybe_load_definitions_from_pluggable_source(App, Key) ->
                 ModOrAlias ->
                     Mod = normalize_backend_module(ModOrAlias),
                     rabbit_log:debug("Will use module ~s to import definitions", [Mod]),
-                    Mod:load(Proplist)
+                    case should_use_hashing() of
+                        false ->
+                            Mod:load(Proplist);
+                        true ->
+                            Hash = rabbit_definitions_hashing:stored_hash(),
+                            Algo = rabbit_definitions_hashing:hashing_algorithm(),
+                            Mod:load_with_hashing(Proplist, Hash, Algo)
+                    end
             end
     end.
 
@@ -233,24 +240,14 @@ atomise_map_keys(Decoded) ->
         Acc#{rabbit_data_coercion:to_atom(K, utf8) => V}
               end, Decoded, Decoded).
 
--spec should_use_checksum() -> boolean().
-should_use_checksum() ->
+-spec should_use_hashing() -> boolean().
+should_use_hashing() ->
     case application:get_env(rabbit, definitions) of
         undefined   -> false;
         {ok, none}  -> false;
         {ok, []}    -> false;
         {ok, Proplist} ->
-            pget(use_checksum, Proplist, false)
-    end.
-
--spec checksum_algorithm() -> {ok, crypto:sha1() | crypto:sha2()}.
-checksum_algorithm() ->
-    case application:get_env(rabbit, definitions) of
-        undefined   -> undefined;
-        {ok, none}  -> undefined;
-        {ok, []}    -> undefined;
-        {ok, Proplist} ->
-            pget(checksum_algorithm, Proplist, sha256)
+            pget(use_hashing, Proplist, false)
     end.
 
 
@@ -264,9 +261,6 @@ apply_defs(Map, ActingUser) ->
                 (Map :: #{atom() => any()}, ActingUser :: rabbit_types:username(),
                 VHost :: vhost:name()) -> 'ok'  | {error, term()}.
 
-apply_defs(Map, ActingUser, VHost) when is_binary(VHost) ->
-    apply_defs(Map, ActingUser, fun () -> ok end, VHost);
-
 apply_defs(Map, ActingUser, SuccessFun) when is_function(SuccessFun) ->
     Version = maps:get(rabbitmq_version, Map, maps:get(rabbit_version, Map, undefined)),
     try
diff --git a/deps/rabbit/src/rabbit_definitions_hashing.erl b/deps/rabbit/src/rabbit_definitions_hashing.erl
new file mode 100644
index 0000000000..d4eb9c799d
--- /dev/null
+++ b/deps/rabbit/src/rabbit_definitions_hashing.erl
@@ -0,0 +1,62 @@
+%% This Source Code Form is subject to the terms of the Mozilla Public
+%% License, v. 2.0. If a copy of the MPL was not distributed with this
+%% file, You can obtain one at https://mozilla.org/MPL/2.0/.
+%%
+%% Copyright (c) 2007-2022 VMware, Inc. or its affiliates.  All rights reserved.
+%%
+-module(rabbit_definitions_hashing).
+
+-include("rabbit.hrl").
+
+-import(rabbit_misc, [pget/2, pget/3]).
+
+-export([
+    hashing_algorithm/0,
+    hash/1,
+    hash/2,
+    stored_hash/0,
+    store_hash/1,
+    store_hash/2
+]).
+
+-define(DEFAULT_HASHING_ALGORITHM, sha256).
+-define(GLOBAL_RUNTIME_PARAMETER_KEY, definitions_hash).
+
+%%
+%% API
+%%
+
+-spec hashing_algorithm() -> {ok, crypto:sha1() | crypto:sha2()}.
+hashing_algorithm() ->
+    case application:get_env(rabbit, definitions) of
+        undefined   -> undefined;
+        {ok, none}  -> undefined;
+        {ok, []}    -> undefined;
+        {ok, Proplist} ->
+            pget(hashing_algorithm, Proplist, ?DEFAULT_HASHING_ALGORITHM)
+    end.
+
+-spec hash(Value :: term()) -> binary().
+hash(Value) ->
+    crypto:hash(hashing_algorithm(), Value).
+
+-spec hash(Algo :: crypto:sha1() | crypto:sha2(), Value :: term()) -> binary().
+hash(Algo, Value) ->
+    crypto:hash(Algo, term_to_binary(Value)).
+
+-spec stored_hash() -> binary() | undefined.
+stored_hash() ->
+    case rabbit_runtime_parameters:lookup_global(?GLOBAL_RUNTIME_PARAMETER_KEY) of
+        not_found -> undefined;
+        undefined -> undefined;
+        Proplist  -> pget(value, Proplist)
+    end.
+
+-spec store_hash(Value :: term()) -> ok.
+store_hash(Value0) ->
+    store_hash(Value0, ?INTERNAL_USER).
+
+-spec store_hash(Value :: term(), Username :: rabbit_types:username()) -> ok.
+store_hash(Value0, Username) ->
+    Value = rabbit_data_coercion:to_binary(Value0),
+    rabbit_runtime_parameters:set_global(?GLOBAL_RUNTIME_PARAMETER_KEY, Value, Username).
diff --git a/deps/rabbit/src/rabbit_definitions_import_local_filesystem.erl b/deps/rabbit/src/rabbit_definitions_import_local_filesystem.erl
index d8e5961128..4840bc9b3b 100644
--- a/deps/rabbit/src/rabbit_definitions_import_local_filesystem.erl
+++ b/deps/rabbit/src/rabbit_definitions_import_local_filesystem.erl
@@ -14,6 +14,7 @@
     load/1,
     %% classic arguments specific to this source
     load/2,
+    load_with_hashing/3,
     location/0
 ]).
 
@@ -56,6 +57,14 @@ load(Proplist) when is_list(Proplist) ->
 load(IsDir, Path) ->
     load_from_local_path(IsDir, Path).
 
+load_with_hashing(Defs, undefined = _Hash, _Algo) when is_list(Defs) ->
+    load(Defs);
+load_with_hashing(Defs, PreviousHash, Algo) ->
+    case rabbit_definitions_hashing:hash(Algo, Defs) of
+        PreviousHash -> ok;
+        _            -> load(Defs)
+    end.
+
 location() ->
     case location_from_classic_option() of
         undefined -> location_from_modern_option();
author	Michael Klishin <michael@clojurewerkz.org>	2022-01-19 11:47:46 +0300
committer	Michael Klishin <michael@clojurewerkz.org>	2022-01-19 11:48:33 +0300
commit	e35a30438756cdb6773e9248bebe97ebee93c86e (patch)
tree	5900115a1fa591abd08ac928b4de5bf063aa9af6
parent	be6db116de18da40e94168818b4dcb2db5fff969 (diff)
download	rabbitmq-server-git-mk-definition-import-checksumming.tar.gz